CVE-2017-15908

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2017-15908

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-15908.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2017-15908

Related

Published

2017-10-26T14:29:00Z

Modified

2024-09-18T02:47:47.531863Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

In systemd 223 through 235, a remote DNS server can respond with a custom crafted DNS NSEC resource record to trigger an infinite loop in the dnspacketreadtypewindow() function of the 'systemd-resolved' service and cause a DoS of the affected service.

References

Affected packages

Debian:11 / systemd

Package

Name: systemd
Purl: pkg:deb/debian/systemd?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

235-3

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / systemd

Package

Name: systemd
Purl: pkg:deb/debian/systemd?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

235-3

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / systemd

Package

Name: systemd
Purl: pkg:deb/debian/systemd?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

235-3

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/systemd/systemd

Affected ranges

Type: GIT
Repo: https://github.com/systemd/systemd
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

38b383d9fe0f5c4e987c1e01136ae6073076fee3

Last affected

39d1a2d05d4cc75c57de2658ceef04caa9928768

Last affected

3a74d4fc90cb322a4784a3515bef7118c8f8c5ba

Last affected

4211d5bd135ae4c43bd2012ae5f327b1cc1596c0

Last affected

95adafc428b5b4be0ddd4d43a7b96658390388bc

Last affected

a1e2ef7ec912902d8142e7cb5830cbfb47dba86c

Last affected

b2a0ac5e5b29c73ca7c0da23369a4769d5a91ddd

Last affected

c1719d8bc924ed59448616bd748671c5c7a66d93

Last affected

c1edab7ad1e7ccc9be693bedfd464cd1cbffb395

Last affected

c379f143a5ccdbc94a87cfca0174e7f21fa05f26

Last affected

d60c527009133a1ed3d69c14b8c837c790e78d10

Last affected

dd050decb6ad131ebdeabb71c4f9ecb4733269c0

Last affected

e1439a1472c5f691733b8ef10e702beac2496a63

Affected versions

Other

001

002

003

004

005

006

007

008

009

010

011

012

013

014

015

016

017

018

019

020

021

022

023

024

025

026

027

028

029

030

031

032

033

034

035

036

037

038

039

040

042

043

044

045

046

047

048

049

050

051

052

053

054

055

056

057

058

059

060

061

062

064

174

175

176

177

178

179

180

181

182

v10

v11

v12

v13

v14

v15

v16

v17

v18

v183

v184

v185

v186

v187

v188

v189

v19

v190

v191

v192

v193

v194

v195

v196

v197

v198

v199

v20

v200

v201

v202

v203

v204

v205

v206

v207

v208

v209

v21

v210

v211

v212

v213

v214

v215

v216

v217

v218

v219

v22

v220

v221

v222

v223

v224

v225

v226

v227

v228

v229

v23

v230

v231

v24

v25

v26

v27

v28

v29

v30

v31

v32

v33

v34

v35

v36

v37

v38

v39

v40

v41

v42

v43

v44